CVE-2010-0564
Description
Buffer overflow in Trend Micro URL Filtering Engine (TMUFE) in OfficeScan 8.0 before SP1 Patch 5 - Build 3510, possibly tmufeng.dll before 3.0.0.1029, allows attackers to cause a denial of service (crash or OfficeScan hang) via unspecified vectors. NOTE: it is likely that this issue also affects tmufeng.dll before 2.0.0.1049 for OfficeScan 10.0.
Predictions
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| trendmicro | officescan | {"endIncluding":"8.0"} | |
References
- http://secunia.com/advisories/38396
- http://www.securityfocus.com/bid/38083
- http://www.securitytracker.com/id?1023553
- http://www.trendmicro.com/ftp/documentation/readme/OSCE_80_Win_SP1_Patch_5_en_readme.txt
- http://www.trendmicro.com/ftp/documentation/readme/readme_1224.txt
- http://www.vupen.com/english/advisories/2010/0295
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56097
- http://secunia.com/advisories/38396
- http://www.securityfocus.com/bid/38083
- http://www.securitytracker.com/id?1023553
- http://www.trendmicro.com/ftp/documentation/readme/OSCE_80_Win_SP1_Patch_5_en_readme.txt
- http://www.trendmicro.com/ftp/documentation/readme/readme_1224.txt
- http://www.vupen.com/english/advisories/2010/0295
- https://exchange.xforce.ibmcloud.com/vulnerabilities/56097
CWEs
CWE-119
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.